codeblackg3 bypass.exe

The executable codeblackg3 bypass.exe has been detected as malware by 6 anti-virus scanners. This is a setup program which is used to install the application. The file has been seen being downloaded from www91.zippyshare.com.
Version:
3.0.0.0

MD5:
1acd3a0828d36196ed14db1f41b5c3b9

SHA-1:
bc2e11b319d487229cf3a128efbcac756a092e8c

SHA-256:
46a0596b818bc4681ae9c09001a9397f6acc62e269fc2255399a59da85d52dd8

Scanner detections:
6 / 68

Status:
Malware

Analysis date:
12/25/2024 5:46:51 AM UTC

| Scan engine | Detection | Engine version |
| --- | --- | --- |
| avast! | Win32:Malware-gen | 2014.9-160429 |
| ESET NOD32 | MSIL/Packed.Confuser.J suspicious (variant) | 10.13384 |
| G Data | Win32.Application.Agent.M4XZ48 | 16.4.25 |
| McAfee | Artemis!1ACD3A0828D3 | 5600.6415 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1120 |
| Sophos | Generic PUA LM (PUA) | 4.98 |

File size:
482 KB (493,568 bytes)

Product version:
3.0.0.0

Original file name:
CodeBlack.exe

File type:
Executable application (Win32 EXE)

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\codeblackg3 bypass.exe

File PE Metadata
Compilation timestamp:
4/17/2016 7:22:11 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
6144:E4IQuJjgjg+cZMfJ5SSsda+KQb8amrFXNE9HJ/lnuGlSKtUEl7sMiTytLk3yfw+:E4I/gUbq3KNAamrFXNE9HJ/p

Entry address:
0x7E00A

Entry point:
FF, 25, 00, E0, 47, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 

Code size:
40.5 KB (41,472 bytes)

The file codeblackg3 bypass.exe has been seen being distributed by the following URL.
